Created
May 2, 2023 05:20
-
-
Save t04glovern/a44a8bdb885adb83c5808f0fea9af160 to your computer and use it in GitHub Desktop.
This script will check for any StackSets that are not in the manifest.yaml file - https://github.com/aws-solutions/aws-control-tower-customizations/releases/tag/v2.5.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # This script will check for any StackSets that are not in the manifest.yaml file. | |
| # https://github.com/aws-solutions/aws-control-tower-customizations/releases/tag/v2.5.0 | |
| import boto3 | |
| import yaml | |
| import logging | |
| logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s') | |
| def get_matching_stacksets(prefix, tag_key, tag_value): | |
| client = boto3.client('cloudformation') | |
| paginator = client.get_paginator('list_stack_sets') | |
| matching_stacksets = [] | |
| for page in paginator.paginate(): | |
| for stack_set in page['Summaries']: | |
| stack_set_name = stack_set['StackSetName'] | |
| if stack_set_name.startswith(prefix) and stack_set['Status'] != 'DELETED': | |
| stack_set_tags = client.describe_stack_set(StackSetName=stack_set_name)['StackSet']['Tags'] | |
| if any(tag['Key'] == tag_key and tag['Value'] == tag_value for tag in stack_set_tags): | |
| matching_stacksets.append(stack_set_name) | |
| return matching_stacksets | |
| def get_stack_names_from_manifest(file_path): | |
| with open(file_path, 'r') as file: | |
| return [resource['name'] for resource in yaml.safe_load(file)['resources']] | |
| def get_unmatched_stacksets(stacksets, manifest_stack_names, prefix): | |
| return [stack_set for stack_set in stacksets if stack_set[len(prefix):] not in manifest_stack_names] | |
| if __name__ == '__main__': | |
| prefix, tag_key, tag_value, manifest_file_path = 'CustomControlTower-', 'AWS_Solutions', 'CustomControlTowerStackSet', 'manifest.yaml' | |
| logging.info('Getting matching StackSets...') | |
| matching_stacksets = get_matching_stacksets(prefix, tag_key, tag_value) | |
| logging.info(f'Matching StackSets: {matching_stacksets}') | |
| logging.info('Reading stack names from manifest...') | |
| manifest_stack_names = get_stack_names_from_manifest(manifest_file_path) | |
| logging.info(f'Manifest Stack Names: {manifest_stack_names}') | |
| logging.info('Finding unmatched StackSets...') | |
| unmatched_stacksets = get_unmatched_stacksets(matching_stacksets, manifest_stack_names, prefix) | |
| logging.info(f'Unmatched StackSets: {unmatched_stacksets}') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment